International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 05 Issue: 12 | Dec 2018
p-ISSN: 2395-0072
www.irjet.net
Data Security in Local Network through Distributed Firewalls: A Review

Shivani Singh1, Preeti Raj Verma2

1M.Tech Student, Dept. of Computer Science Engineering, Rama University, Uttar Pradesh, Kanpur
2Assistant Professor, Dept. of Computer Science Engineering, Rama University, Uttar Pradesh, Kanpur
Abstract - Our networks at home, schools, offices, companies and other places are not secure: a number of confidential transactions occur every second, and today computers are used mostly for transactions rather than for processing of data, so data security is needed to prevent hacking of data and to provide authenticated data transfer. Network security can be achieved with a firewall, which acts as a filter for unauthorized traffic. But conventional firewalls have some problems: they rely on the notion of restricted topology and controlled entry points to function. Restriction of the network topology, difficulty in filtering certain protocols, the end-to-end encryption problem and a few more problems led to the evolution of distributed firewalls. A distributed firewall secures the network by protecting critical network endpoints, exactly where hackers want to penetrate. This paper deals with the general concepts of distributed firewalls, their requirements and implications, and their suitability against common threats on the Internet, and gives a short discussion of contemporary implementations.
Key Words: Network Security, Security Policy, Distributed Firewall, Pull Technique, Push Technique.

1. INTRODUCTION

A distributed firewall is a mechanism to enforce a network domain security policy through the use of a policy language, a policy distribution scheme enabling policy control from a central point, and certificates enabling the identification of any member of the network policy domain. Distributed firewalls secure the network by protecting critical network endpoints, exactly where hackers want to penetrate. They filter traffic from both the Internet and the internal network because the most destructive and costly hacking attacks still originate from within the organization. They provide virtually unlimited scalability. In addition, they overcome the single point-of-failure problem presented by the perimeter firewall [1].

Distributed firewalls are based on three main points:

Policy Language: The policy language is used to create policies for each of the firewalls. These policies are collections of rules that direct the firewall in how to evaluate the network traffic.

System Management Tools: The system management tools are used to distribute the policy to the firewalls and to collect logging and reporting information.

IPSec: IPSec provides network-level encryption used to secure network traffic and the transmission of policies. It also provides the more important function of a way to cryptographically verify the sender of information. Senders can then be uniquely verified by their certificate. It is about constructing and analyzing protocols that overcome the influence of adversaries and which are related to various aspects of information security such as data confidentiality, data integrity, authentication and non-repudiation. [2]

Some complications with the conventional firewalls:

1) They depend on the network topology.
2) They do not protect against attacks from the internal network.
3) They do not handle the FTP and RealAudio protocols.
4) They provide a single entry point, and the failure of this leads to problems.
5) They do not stop "spoofed" transmissions.
6) They are unable to log all of the network's activity.
7) They are unable to dynamically open and close their networking ports. [3]

2. ARCHITECTURE OF DISTRIBUTED FIREWALL

While the security policies are deployed in a decentralized way, their management is not, allowing system administrators to set policies from a central host and therefore still fulfill the requirements of efficient system and network administration. The whole distributed firewall system consists of four main parts:

A. The management center: The management center is responsible for the management of all endpoints in the network, security policy constitution and distribution, receiving and analyzing log files from the hosts, intrusion detection and the adoption of certain measures.

B. Policy actuator: The policy actuator is installed on each host or gateway to receive the security policy issued by the management center, and to interpret and implement the policy. It interprets and runs the security policy program. It is the actual program that protects the endpoint host, and it mainly realizes the function of the traditional firewall. Additionally, it is also to achieve the functions of communicating with the management control center and
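The policy language and the policy actuator described in this section, as an added example that is not taken from the paper: a host-side actuator accepts a centrally issued policy only if it authenticates, then evaluates traffic against rules keyed on the peer's certificate identity with a default deny. The HMAC key is a stand-in for the IPSec and certificate protection the paper names; the rule fields, function names and sample identities are assumptions.

```python
import hashlib
import hmac
import ipaddress
import json

# Constructed stand-in for the authenticated channel between management
# center and host; the paper relies on IPSec and certificates for this.
DIST_KEY = b"constructed-demo-key"

def sign_policy(policy: dict) -> dict:
    """Management-center side: serialize canonically and attach a MAC."""
    body = json.dumps(policy, sort_keys=True).encode()
    return {"body": body, "mac": hmac.new(DIST_KEY, body, hashlib.sha256).hexdigest()}

def load_policy(bundle: dict) -> list:
    """Actuator side: refuse any policy whose MAC does not verify."""
    expected = hmac.new(DIST_KEY, bundle["body"], hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, bundle["mac"]):
        raise ValueError("policy rejected: authentication failed")
    return json.loads(bundle["body"])["rules"]

def evaluate(rules: list, peer_id: str, src_ip: str, port: int) -> str:
    """First matching rule wins; anything unmatched is denied."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        if rule["peer"] not in ("*", peer_id):
            continue  # rule is bound to a different certificate identity
        if addr not in ipaddress.ip_network(rule["src"]):
            continue
        if port not in rule["ports"]:
            continue
        return rule["action"]
    return "deny"

# Constructed sample policy: peers are certificate subjects, so the
# decision does not depend on which side of a perimeter the peer sits.
SAMPLE_POLICY = {"rules": [
    {"peer": "CN=backup.example.internal", "src": "0.0.0.0/0", "ports": [22], "action": "allow"},
    {"peer": "*", "src": "10.0.0.0/8", "ports": [22], "action": "deny"},
    {"peer": "*", "src": "0.0.0.0/0", "ports": [80, 443], "action": "allow"},
]}

if __name__ == "__main__":
    rules = load_policy(sign_policy(SAMPLE_POLICY))
    print(evaluate(rules, "CN=backup.example.internal", "203.0.113.7", 22))
    print(evaluate(rules, "CN=unknown", "10.1.2.3", 22))
```

The second call shows the internal-network case from the introduction: an unauthenticated host on an internal address is still denied SSH, while the identified peer is allowed from any address.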
© 2018, IRJET | Impact Factor value: 7.211 | ISO 9001:2008 Certified Journal | Page 1044